14 matches found
EUVD-2025-209501
Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access...
CVE-2025-4320
Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation. This issue affects Sufirmam: through 23012026. NOTE: The vendor...
CVE-2019-7886
A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts...
EUVD-2025-201305
The password reset mechanism for the Pivot client application is weak, and it may allow an attacker to take over the account...
EUVD-2022-3475
Malicious code in bioql PyPI...
CVE-2019-6560
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro Android App, the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak...
Default credentials
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9...
CVE-2023-34357
Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has...
CVE-2023-39910
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6.0 is weak, aka the Milk Sad issue. The use of an mt19937 Mersenne Twister PRNG restricts the internal entropy to 32 bits regardless of settings. This allows remote attackers to recover any wallet...
CVE-2022-0777
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3...
Improper access control
ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain-text...
CVE-2021-29023
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...
Design/Logic Flaw
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...
CVE-2019-6558
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro Android App, the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak...